InstantDB Project
About InstantDB
Project Mail Lists
Short History
Reporting Bugs
Screen Shots
3rd Party Examples
FAQs

Software
Downloads
Documentation
CVS Repositories
Roadmap
License

About Enhydra.org
Who We Are
News, Articles & Events
Getting Involved
Contact Us

Community
Demos
Contributions
Resources
Case Studies
On The Edge! -NEW-
Commercial Vendors
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: InstantDB: Re: Version 3.13 & Network Support using RmiJDBC

Below is the policy file that I have that I use to ammend the java.policy in
the jre. I launch the rmi server with the following:

java -Ddb.root=c:\\src\\project\\db -Djava.security.policy=db.policy
RmiJdbc.RJJdbcServer org.enhydra.instantdb.jdbc.idbDriver

Where I am having problems is the last PropertyPermission line. If I remove
it or mark it as read only I get a security exception. There has to be other
properties being read. Maybe they are being read by RmiJdbc.

BTW, the link at the instantdb site for RmiJdbc is out of date. The new one
is http://www.objectweb.org/RmiJdbc/RmiJdbcHomePage.htm

- Bill

File: db.policy
grant { 
	permission java.util.PropertyPermission "java.rmi.server.hostname",
"read";
	permission java.util.PropertyPermission "noBanner", "read";
	//permission java.util.PropertyPermission "java.vendor", "read";
	permission java.util.PropertyPermission "*", "read,write";

	permission java.io.FilePermission "${db.root}${/}*", "read";
	permission java.io.FilePermission "${db.root}${/}trace.log",
"read,write";
	permission java.io.FilePermission "${db.root}${/}indexes${/}*",
"read,write,delete";
	permission java.io.FilePermission "${db.root}${/}system${/}*",
"read,write,delete";
	permission java.io.FilePermission "${db.root}${/}tables${/}*",
"read,write,delete";
	permission java.io.FilePermission "${db.root}${/}tmp${/}*",
"read,write,delete";
};


-----Original Message-----
From: Peter Hearty [mailto:peter.hearty@lutris.com]
Sent: Friday, June 30, 2000 10:07 AM
To: instantDB@enhydra.org
Subject: Re: InstantDB: Re: Version 3.13 & Network Support using RmiJDBC


Bill

Apart from all of its own properties from the .prp file, the only system
property that I can find InstantDB trying to read is the java.vendor
property. All properties will be read by the DBBrowser utility unless you
edit its code to take them out.

As to the correct contents for the java.policy file - I think you're
probably leading edge on this one. Any info you do pick up would, I'm sure
be very useful to everyone else in this group.

Regards

Peter Hearty
Lutris Technologies UK Ltd.
-----Original Message-----
From: BSmith@ixl.com <BSmith@ixl.com>
To: instantDB@enhydra.org <instantDB@enhydra.org>
Cc: mombasa@ptolemy.arc.nasa.gov <mombasa@ptolemy.arc.nasa.gov>
Date: 30 June 2000 13:48
Subject: InstantDB: Re: Version 3.13 & Network Support using RmiJDBC


>Has anybody responded with an answer security policy question? I've figured
>out most of them, but now I'm getting a:
>Unexpected exception; nested exception is:
>java.security.AccessControlException: access denied
>(java.util.PropertyPermission * read,write)
>I don't want to give blanket read,write property permissions. What
>properties are InstantDB reading and/or writing?
>BTW, This is true for 3.14 as well.
>
>TIA,
>Bill
>
>---------------------------------------------------
>Hi,
>I'd appreciate if someone could mail me the solution to the following
>problem :
>I've installed: InstantDB version 3.13 on Sparc Solaris running Jdk1.2.
>I created the "sample" database.
>0) I move the following files into ${JAVA_HOME}/jre/lib/ext , needed
amongst
>other things
>one need not have these classes on the "downloaded classes" CLASSPATH.
>idb.jar
>RmiJdbc.jar
>Reason: Otherwise I run into the documented security problems with JDK1.2.
>
>** It would be nice if someone could say what modifications are needed in
>the personal
>** ${HOME}/.java.policy file.
>1) I start the RmiJdbc.RJJdbcServer
>I am able to view the contents of the sample database with "java JDBCmain"
>using the URL: jdbc:idb:/tmp/Idb/sample.prp
>From the screen echo I know its using : jdbc.idbDriver.
>PROBLEM:
>To confirm that I am using the RmiJdbc drivers, as opposed to the
>"sun.jdbc.odbc.JdbcOdbcDriver" which is
>also loaded in "JDBCmain" (JDBCAppl), I attempt the following :
>Use of :
>1) TestClient code which arrives with RmiJdbc compiled in /somepath/
>setenv CLASSPATH ${CLASSPATH}:/somepath
>java TestClient
>TestClient:jdbc:rmi://hostname.domainname/jdbc:idb=sample.prp
>java.rmi.UnexpectedException: Unexpected exception; nested exception is:
>java.security.AccessControlException: access denied
>(java.util.PropertyPermission * read,write)
>java.security.AccessControlException: access denied
>(java.util.PropertyPermission * read,write)
>at
>sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemote
C
>all.java, Compiled Code)
>at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java,
>Compiled Code)
>at sun.rmi.server.UnicastRef.invoke(UnicastRef.java, Compiled Code)
>at RmiJdbc.RJDriverServer_Stub.connect(RJDriverServer_Stub.java, Compiled
>Code)
>at RmiJdbc.RJConnection.<init>(RJConnection.java, Compiled Code)
>at RmiJdbc.RJDriver.connect(RJDriver.java, Compiled Code)
>at java.sql.DriverManager.getConnection(DriverManager.java, Compiled Code)
>at java.sql.DriverManager.getConnection(DriverManager.java, Compiled Code)
>at TestClient.main(TestClient.java, Compiled Code)
>java.sql.SQLException: Unexpected exception; nested exception is:
>java.security.AccessControlException: access denied
>(java.util.PropertyPermission * read,write)
>at RmiJdbc.RJDriver.connect(RJDriver.java, Compiled Code)
>at java.sql.DriverManager.getConnection(DriverManager.java, Compiled Code)
>at java.sql.DriverManager.getConnection(DriverManager.java, Compiled Code)
>at TestClient.main(TestClient.java, Compiled Code)
>
>2) RJAdmin code that is in RmiJdbc.jar file, and I compiled in /somepath/
>
>setenv CLASSPATH ${CLASSPATH}:/somepath
>cd /tmp/Idb
>java RJAdmin PING jdbc:rmi:jdbc:idb=sample.prp
>jdbc:rmi:jdbc:idb=sample.prp] server is responding, but database connection
>failed for [,]
>As you can see in both instances I fail to connect to the Database.
>In (1) it looks like some security related issue, which I thought with
>moving the .jar files into jre/lib/ext/
>would have cured, alas not.
>I've followed the instructions in "Network Support" documentation of
>InstantDB :
><http://instantdb.enhydra.org/software/documentation/network.html>
>So I would really appreciate some help on resolving this. Please do email
me
>the response, as I do not subscribe to
>this channel due to lack of time in reading all the messages that I have
>from other channels.
>Tarang
>
>--
>Tarang Kumar Patel.     WWW home:<http://ic-www.arc.nasa.gov/ic/>
>NASA Ames Research Center, MS 269-2, Moffett Field, CA 94035-1000
>Email: mombasa@ptolemy.arc.nasa.gov, Tel:(650) 604-4721 fax: (650) 604 3594
>Stated views are my own IDEA, as I'm another I.D.E.A man "I Didn't Explain
>All"
> <<...>>
>
>---------------------------------------------------------------------------
--
>To unsubscribe from this mailing list, send email to majordomo@enhydra.org
>with the text "unsubscribe instantdb" in the body of the email.
>If you have other questions regarding this mailing list, send email to
>the list admin at owner-instantdb@enhydra.org.

----------------------------------------------------------------------------
-
To unsubscribe from this mailing list, send email to majordomo@enhydra.org
with the text "unsubscribe instantdb" in the body of the email.
If you have other questions regarding this mailing list, send email to
the list admin at owner-instantdb@enhydra.org.
-----------------------------------------------------------------------------
To unsubscribe from this mailing list, send email to majordomo@enhydra.org
with the text "unsubscribe instantdb" in the body of the email.
If you have other questions regarding this mailing list, send email to
the list admin at owner-instantdb@enhydra.org.